在 Laravel 5.2 中限制登录尝试
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36215024/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Limit login attempts in Laravel 5.2
提问by Fidha Nasher
I am created a Laravel 5.2 application; I need to limit failure login attempts.I am created a AuthController with following code; But not working logging attempt lock.
我创建了一个 Laravel 5.2 应用程序;我需要限制失败登录尝试。我使用以下代码创建了一个 AuthController;但不工作日志尝试锁定。
<?php
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use Auth;
use URL;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers;
protected $maxLoginAttempts=5;
protected $lockoutTime=300;
/**
* Create a new authentication controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest', ['except' => 'getLogout']);
$this->loginPath = URL::route('login');
$this->redirectTo = URL::route('dashboard'); //url after login
$this->redirectAfterLogout = URL::route('home');
}
public function index()
{
return 'Login Page';
}
/**
* Handle a login request to the application.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function postLogin(Request $request)
{
$this->validate($request, [
'username' => 'required', 'password' => 'required',
]);
$throttles = $this->isUsingThrottlesLoginsTrait();
if ($throttles && $this->hasTooManyLoginAttempts($request)) {
return $this->sendLockoutResponse($request);
}
$credentials = $this->getCredentials($request);
if (Auth::attempt($credentials, $request->has('remember'))) {
return redirect()->intended($this->redirectPath());
}
if ($throttles) {
$this->incrementLoginAttempts($request);
}
return redirect($this->loginPath)
->withInput($request->only('username', 'remember'))
->withErrors([
'username' => $this->getFailedLoginMessage(),
]);
}
/**
* Get the needed authorization credentials from the request.
*
* @param \Illuminate\Http\Request $request
* @return array
*/
protected function getCredentials(Request $request)
{
return $request->only('username', 'password');
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create([
'name' => $data['name'],
'username' => $data['username'],
'password' => bcrypt($data['password']),
]);
}
}
After many failure login their is no error message displayed. I am added some line to display error in login.blade.php file
在多次登录失败后,他们没有显示错误消息。我添加了一些行来显示 login.blade.php 文件中的错误
回答by facebook-10203229637341337
Assuming you have implemented the make:authartisan command of laravel.
Inside of the loginController, change the properties:
假设你已经实现了make:authlaravel的artisan 命令。在 内部loginController,更改属性:
protected $maxLoginAttempts=5;to protected $maxAttempts = 5;
protected $maxLoginAttempts=5;到 protected $maxAttempts = 5;
and
和
protected $lockoutTime=300;to protected $decayMinutes = 5; //in minutes
protected $lockoutTime=300;到 protected $decayMinutes = 5; //in minutes
回答by Hrach
you need to use ThrottlesLogins trait in your controller
你需要在你的控制器中使用 ThrottlesLogins trait
....
use AuthenticatesAndRegistersUsers, ThrottlesLogins ;
...
回答by tomash
take a look here https://github.com/GrahamCampbell/Laravel-Throttleand here https://mattstauffer.co/blog/login-throttling-in-laravel-5.1
看看这里https://github.com/GrahamCampbell/Laravel-Throttle和这里https://mattstauffer.co/blog/login-throttling-in-laravel-5.1
Second link is for L5.1, but I think shouldnt be different for L5.2 Hope it helps!
第二个链接适用于 L5.1,但我认为 L5.2 不应该有所不同希望它有所帮助!
Have a nice day.
祝你今天过得愉快。
回答by ferdousulhaque
Just overriding the following 2 functions maxAttempts and decayMinutes will be good to go. This 2 functions belong to Illuminate\Foundation\Auth\ThrottlesLogins.php file. I have tested on Laravel 5.6 version and working fine.
只需覆盖以下 2 个函数 maxAttempts 和decayMinutes 就可以了。这 2 个函数属于 Illuminate\Foundation\Auth\ThrottlesLogins.php 文件。我已经在 Laravel 5.6 版本上测试过并且工作正常。
public function maxAttempts()
{
//Lock on 4th Failed Login Attempt
return 3;
}
public function decayMinutes()
{
//Lock for 2 minutes
return 2;
}
